﻿using System;
using System.Data;
using System.Configuration;
using System.Web;
using Token.Piker.Core.Model;
using Token.Piker.Common;


namespace Token.Piker.Core.Security
{
    /// <summary>
    /// 统一身份验证基础类
    /// </summary>
    public abstract class BasePage : System.Web.UI.Page
    {
        /// <summary>
        /// 重写Page的OnLoad方法以控制用户访问
        /// </summary>
        /// <param name="e"></param>
        protected override void OnLoad(EventArgs e)
        {
            //获得当前用户,继承此页面的所有页面可以直接调用 CurrentUser获得当前用户
            CurrentUser = Session[GlobalConstants.PIKER_USER_ID] as AbstractUser;

            //权限管理器
            IAuthzManager authzMgr = AuthzManagerFactory.Instance();

            switch (authzMgr.Validate(DesiredRole))
            {
                case EAuthenticateResult.AccessDeny:
                    Response.Redirect(NoAccessPage);
                    return;
                case EAuthenticateResult.NotLogged:
                    Response.Redirect(LoginPage);
                    return;
                case EAuthenticateResult.Passed:
                    break;
                default:
                    Response.Redirect(LoginPage);
                    return;
            }
            // cacheable ?
            if (NoCache)
            {
                Response.Cache.SetExpires(DateTime.MinValue);
                Response.Cache.SetCacheability(HttpCacheability.NoCache);
                Response.Cache.SetVaryByCustom("browser");
                Response.Cache.SetValidUntilExpires(true);
            }

            base.OnLoad(e);
        }

        /// <summary>
        /// 验证用户有无相应角色权限
        /// </summary>
        /// <param name="desiredRole">需要的权限</param>
        /// <returns>结果</returns>
        protected bool HasRight(AbstractUser.ERole desiredRole)
        {
            //权限管理器
            IAuthzManager authzMgr = AuthzManagerFactory.Instance();

            EAuthenticateResult result = authzMgr.Validate(desiredRole);

            if (result == EAuthenticateResult.Passed)
                return true;
            else
                return false;
        }



        private AbstractUser.ERole _desiredRole = AbstractUser.ERole.已验证;         // 默认要求实习编辑以上权限
        public AbstractUser.ERole DesiredRole
        {
            set { this._desiredRole = value; }
            get { return this._desiredRole; }
        }
        /// <summary>
        /// the URL to redirect when user identification failed.
        /// default to ~/Login.aspx
        /// </summary>
        private string _loginPage = "~/admin/Login.aspx";
        public string LoginPage
        {
            set { this._loginPage = value; }
            get { return this._loginPage; }
        }

        string _noAccessPage = "~/admin/Error.html";
        public string NoAccessPage
        {
            get { return _noAccessPage; }
            set { _noAccessPage = value; }
        }

        
        bool _noCache = false;
        /// <summary>
        /// 是否在用户浏览器中缓存此页。默认不缓存。
        /// </summary>
        public bool NoCache
        {
            get { return _noCache; }
            set { _noCache = value; }
        }


        private AbstractUser _currentUser;

        public AbstractUser CurrentUser
        {
            get { return _currentUser; }
            set { _currentUser = value; }
        }

        
    }
}